Can a Roku TV be Hacked?

Following the 2016 Presidential Election, cybersecurity has taken the forefront of many news headlines. This has caused many people to become concerned about hacking. Feeding into this fear, fake news has started to spread about what will put your identity in danger.

Consumer Reports ran an article where that a program called Automatic Content Recognition (ACR) can take over a Roku TV without much of a problem. ACR is a software that logs what you watch and offers up recommended viewing based on your tastes. Roku implements this system so that they can offer up familiar shows to their viewers much like Netflix and Hulu.

In the Consumer Reports expose, ACR sets the consumer up to watch ads for other shows and movies. However, Roku fought back stating that is indeed the purpose of ACR. If customers do not want to use ACR, they can manually opt out of the service.

The “More Ways to Watch” service which implements ACR is not a default on Roku TV. The owner must willingly go into their settings and enable it.

Therefore, Roku is looking to clear their name of setting up their subscribers for an ambush of advertisements.

Secondly, Consumer Reports claim that the Roku TV may be hacked through an option on the device called External Control. In their article, the magazine stated that they took complete control over the remote for both Samsung and TCL’s Roku TV. Through this invasion, the company controlled channels, the volume, and app downloads. They also played questionable content through YouTube.

If you are still concerned about being remotely taken over through External Control, you may tun this feature off as well. To do so follow this path:

“Consumer Reports issued a report saying that Roku TVs and players are vulnerable to hacking. This is a mischaracterization of a feature. It is unfortunate that the feature was reported in this way. We want to assure our customers that there is no security risk.”

Roku finished their defense by stating,

“We take the security of our platform and the privacy of our users very seriously.”